
Microsoft Warns of SIP-Bypassing ‘Shrootless’ macOS Vulnerability

MacBook Pro Keyboard - Image by Robin Wolff

Microsoft is warning of a vulnerability impacting macOS that could bypass System Integrity Protection (SIP).

SIP prevents unauthorized code from executing on macOS, and is one of the layers Apple employs to keep the OS secure. In particular, SIP is designed to keep an account with root access from doing something that could compromise the system.

According to Microsoft, the vulnerability, dubbed Shrootless, “could allow an attacker to bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device. We also found a similar technique that could allow an attacker to elevate their privileges to root an affected device.”

Microsoft has shared its findings with Apple, so hopefully there will be a fix shortly.